Parallel Model Checking of ω-automata
|
|
- Mitchell Mason
- 6 years ago
- Views:
Transcription
1 Parallel Model Checking of ω-automata Vincent Bloemen Formal Methods and Tools, University of Twente Abstract. Specifications for non-terminating reactive systems are described by ω-regular properties. Such properties can be translated in various types of automata, e.g. Büchi, Rabin, and Parity. A model checker can then check for language containment and determine whether the system meets the specification. Checking these automata becomes more complex when introducing probabilities and/or an adversary, e.g. the uncontrollable environment, to the automaton. Parallel algorithms have become crucial for fully utilizing current hardware systems. With respect to model checking we therefore focus on designing scalable parallel algorithms for emptiness checking. This research focuses on designing and improving parallel graph searching algorithms for emptiness checking on various types of ω-automata. As a basis, we developed a scalable multi-core on-the-fly algorithm for the detection of strongly connected components (SCCs). Our aim is to contribute to the state-of-the-art techniques in parallel model checking, based on both theoretical complexity analysis and empirical studies on suitable benchmarks. 1 Introduction Model checking. The automata-theoretic approach to model checking ω-regular properties involves taking the synchronized product of the (negated) property to check and the state space of the system. The resulting product automaton is then checked for language emptiness by searching for an infinite execution that satisfies the acceptance condition, which is defined by the ω-automaton. If such an accepting trace is found, the system is able to perform behaviour that is not allowed by the original property, hence we say that a counterexample has been found [6]. Types of ω-automata. An ω-automaton accepts infinite strings which is useful for specifying behaviour in non-terminating systems, i.e. control systems. The acceptance condition can be described in various types of automata, most commonly Büchi, co-büchi, Rabin, Streett, Parity and Muller (see Section 3 for the definitions). While each type of (nondeterministic) automaton can describe the same property, the sizes of these automata may differ exponentially. As a consequence, the choice of automata could significantly improve the time to model check. On the other hand, the model checking procedure may also become a lot more complex for such smaller automata.
2 Chatterjee and Henzinger [5] provide a good overview on different classes of ω-regular properties and how these 1-player properties can be extended with e.g. adversaries (2-player) and probabilities (1 1 /2 and 2 1 /2-player). With an adversary, the automaton is called a game and the goal of player 1 is to force the property, i.e. satisfying the property for all possible actions of the adversary. Parallel model checking. Multi-core architectures have become increasingly more accessible, and the number of CPU cores grows as well. Scalable solutions have been presented to solve the reachability problem [1,11] and the accepting cycle problem [7,16,3,4]. On a 64-core machine, the accepting cycle problem is currently being solved 25 times faster compared to a sequential approach [4]. For many other acceptance conditions, there is limited to non-existing work in parallel solutions. Motivation. The main motivation of this work is to better understand how model checking can be efficiently applied in a practical sense. Two aspects of importance are how the type of automaton influences the model checking procedure, and how parallelism can be fully exploited in the algorithms. Currently, however, it remains unknown whether a particular type of ω-automaton can be checked efficiently in parallel. While the common approach in practice seems to use Büchi automata for LTL model checking, a Rabin automaton might be a better alternative [17]. Expected contributions. In this research we aim to contribute to scalable parallel solutions for model checking various types of ω-automata. We focus on explicit state on-the-fly graph search algorithms. At present, we designed a scalable multi-core on-the-fly strongly connected component (SCC) algorithm [2,3] based on parallel depth-first search (DFS) and concurrent union-find (more on this in Section 2). We consider this algorithm as a basis for the research and have successfully applied it in the context of LTL model checking for Büchi automata [4]. We continue by designing and investigating parallel solutions for other types of automata. This is followed by studying 2-player cases and stochastic instances, e.g. by improving Maximal End Component (MEC) decomposition. 2 Strongly Connected Components in Parallel Preliminaries. For a directed graph G := V, E, two states v, w V are strongly connected iff there is a path from v to w and also from w to v. A strongly connected component (SCC) is defined as the maximal set of states C V such that for all states v, w C, v and w are strongly connected. An SCC is called trivial if it consists of a single state v and there is no edge v v E. We further define the notion that C is a partial SCC if all states in C are strongly connected, but C is not necessarily maximal. We assume that the graph is computed on-the-fly. This implies that an algorithm initially only has access to the initial state, and can use a function to compute the successor states: suc(v) := {w V v w E}.
3 d e f a b c Fig. 1: Two workers cooperate to find an accepting cycle. Fig. 2: Cyclic list structure. A multi-core on-the-fly algorithm for detecting SCCs. The general idea behind the algorithm is to perform multiple randomized 1 DFS instances in parallel and globally communicate detected cycles. The main improvement on related work [13,16] is that a complete SCC can be detected in parallel without having to rely on a single worker to visit every state of the SCC. By tracking partial SCCs, multiple workers can even cooperatively detect cycles. As a result, scalable on-the-fly SCC decomposition is now possible for large SCCs. The algorithm. We describe the algorithm without going in much detail, for a more in-depth description we refer the reader to Bloemen et al. [3]. A concurrent union-find structure is used for globally communicating partial SCCs. In essence this is a structure to maintain sets of states and a single state is the representative or root of a set. Whenever a worker detects a cycle, it merges all (sets of) states on this cycle to a single set in the union-find structure. Tracking worker IDs. We extended the union-find structure to also maintain worker IDs in the root of each set. When a worker visits a new state v, it adds its worker ID to the root of the set for v. As a consequence, the worker will regard every state in the partial SCC of v as a visited state. We exploit this for detecting cycles, as we show in Fig. 1. Here, a blue worker detected the cycle {b, e, d} and the red worker has visited the path a b c f. If the red worker visits state e, it will detect that it has already visited this set (namely via b), thus it reports a cycle and merges states c and f to the set. Cyclic lists for tracking non-fully explored states. We say that a state v is fully explored if all its successors either direct to completed SCCs or to other states in the set of v, since we cannot gain more information from v. A cyclic list, illustrated in Fig. 2, tracks all states in the partial SCC that still have to be fully explored (marked white) and removes the fully explored ones (marked gray). Cyclic lists get merged when states are added to the partial SCC. Workers select states from the list to search from. When the list is empty, all states of the (partial) SCC have been fully explored and the SCC can be marked as completed. 1 The set of successors is randomly ordered for each worker, such that each worker explores the graph in a different order.
4 3 Acceptance on ω-automata An ω-automaton is defined in Definition 1, as presented by Grädel et al. [8] Definition 1 (ω-automaton). An ω-automaton is a tuple A = Q, Σ, δ, q 0, F, where Q is a finite set of states, Σ is a finite alphabet, δ : Q Σ 2 Q is the state transition function, q 0 Q is the initial state, and F is the acceptance component. In a deterministic ω-automaton, a transition function δ : Q Σ Q is used. Acceptance conditions. We describe the acceptance component F for different types of ω-automata. A run is an infinite sequence of states, starting from q 0, such that for every two successive states v, w there is a transition from v to w. A word α Σ ω is accepted by A iff there exists a run ρ of A on α such that (Büchi acceptance) Inf(ρ) F, where F Q is a set of accepting states. (co-büchi acceptance) Inf(ρ) F =, where F Q. (Rabin acceptance) (L, R) F : (Inf(ρ) L = ) (Inf(ρ) R ), where F = {(L 1, R 1 ),..., (L k, R k )} with L i, R i Q. (Streett acceptance) (L, R) F : (Inf(ρ) L ) (Inf(ρ) R = ), where F = {(L 1, R 1 ),..., (L k, R k )} with L i, R i Q. (Parity acceptance) min{f(q) q Inf(ρ)} is even, where F : Q {1,..., k} is a mapping from states to priorities. (Muller acceptance) Inf(ρ) F, where F 2 Q is a collection of accepting sets of states. Here, Inf(ρ) denotes the set of states that is visited infinitely often in the run ρ. Fig. 1 illustrates a Büchi automaton, where f is an accepting state and a b c f e d b... is an accepting cycle. Generalized and transition-based acceptance. Conjunctions of multiple Büchi Automata (BA) can also be described with Generalized Büchi Automata (GBA). A GBA considers a set of multiple acceptance conditions, meaning that a run is accepting iff all acceptance conditions are visited infinitely often. Another variant is the Transition-based Büchi Automata (TBA) with acceptance on edges instead of states and the combination is called a Transition-based Generalized Büchi Automata (TGBA). Such generalized variants of automata can significantly reduce the state-space, though tracking acceptance becomes more involved. We observed that using a TGBA instead of a BA does not necessarily lead to better model checking performance in practice [4]. 4 Related Work One-player automata. As already mentioned in Section 1, efficient parallel solutions exist for the reachability problem [1,11] and the accepting cycle problem [7,16,3] (or Büchi acceptance). Recently, a GPU algorithm for model checking Rabin automata was presented [17]. Streett acceptance is somewhat related
5 to fairness detection, a problem for which existing work is present in a parallel setting [12]. For other acceptance conditions no existing work on parallel algorithms seems to exist. Two-player and stochastic automata. Interestingly, in a 2-player context there is plentiful work on solving Parity acceptance (Parity games) sequentially, but related work also includes a few parallel solutions [15,9]. To the best of our knowledge, no parallel algorithms exist for the remaining automata. Wijs et al. [18] present a solution for MEC decomposition on GPUs, a core problem in stochastic model checking (which also relates to Büchi games). 5 Current and Future Work Approach. (On-the-fly) SCC detection forms a basis for emptiness checking algorithms. Our plan is to apply our parallel on-the-fly SCC algorithm [3] and related building blocks in detecting the various acceptance conditions. We use these building blocks to parallelize existing techniques, and e.g. in the case of Parity games improve existing work by applying various novel optimizations. Evaluation. We evaluate the performance and scalability of our algorithms (1) theoretically, using appropriate notions of complexity analysis and (2) empirically, by performing experiments on existing publicly available benchmark suites (e.g. the BEEM [14] database and experiments from the Model Checking Contest [10]) and comparing with related work. We relate this to the original properties to compare different acceptance conditions. Current stage of research. Currently, one of the four years of the PhD has passed. We have published two papers, one presents the SCC algorithm [3] and another that applies the algorithm for LTL checking with Büchi automata [4]. We also obtained a first place for LTL checking in the 2016 Model Checking Contest [10]. We are currently investigating Rabin and Streett acceptance. Acknowledgements. We thank the anonymous reviewers for their helpful comments. This work is supported by the 3TU.BSR project. References 1. Barnat, J., Brim, L., Rockai, P.: DiVinE 2.0: High-Performance Model Checking. In: Proceedings of the 2009 International Workshop on High Performance Computational Systems Biology. pp HIBI 09, IEEE Computer Society (2009) 2. Bloemen, V.: On-The-Fly Parallel Decomposition of Strongly Connected Components. Master s thesis (2015) 3. Bloemen, V., Laarman, A., van de Pol, J.: Multi-core On-the-fly SCC Decomposition. In: Proceedings of the 21st ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming. pp. 8:1 8:12. PPoPP 16, ACM (2016)
6 4. Bloemen, V., van de Pol, J.: Multi-core SCC-based LTL Model Checking. In: Haifa Verification Conference. Springer (2016), to appear. 5. Chatterjee, K., Henzinger, T.A.: A Survey of Stochastic ω-regular Games. Journal of Computer and System Sciences 78(2), (2012) 6. Clarke, E.M., Emerson, E.A., Sistla, A.P.: Automatic Verification of Finite-state Concurrent Systems Using Temporal Logic Specifications. ACM Transactions on Programming Languages and Systems 8(2), (1986) 7. Evangelista, S., Laarman, A., Petrucci, L., van de Pol, J.: Improved Multi-Core Nested Depth-First Search. In: Chakraborty, S., Mukund, M. (eds.) Automated Technology for Verification and Analysis, pp Lecture Notes in Computer Science, Springer Berlin Heidelberg (2012) 8. Grädel, E., Thomas, W., Wilke, T. (eds.): Automata Logics, and Infinite Games: A Guide to Current Research. Springer-Verlag (2002) 9. Hoffmann, P., Luttenberger, M.: Solving Parity Games on the GPU. In: Van Hung, D., Ogawa, M. (eds.) Automated Technology for Verification and Analysis, Lecture Notes in Computer Science, vol. 8172, pp Springer International Publishing (2013) 10. Kordon, F., Garavel, H., Hillah, L.M., Hulin-Hubard, F., Chiardo, G., Hamez, A., Jezequel, L., Miner, A., Meijer, J., Paviot-Adet, E., Racordon, D., Rodriguez, C., Rohr, C., Srba, J., Thierry-Mieg, Y., Trịnh, G., Wolf, K.: Complete Results for the 2016 Edition of the Model Checking Contest (2016) 11. Laarman, A., van de Pol, J., Weber, M.: Boosting Multi-core Reachability Performance with Shared Hash Tables. In: Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design. pp FMCAD 10 (2010) 12. Liu, Y., Sun, J., Dong, J.: Scalable Multi-core Model Checking Fairness Enhanced Systems. In: Breitman, K., Cavalcanti, A. (eds.) Formal Methods and Software Engineering, Lecture Notes in Computer Science, vol. 5885, pp Springer Berlin Heidelberg (2009) 13. Lowe, G.: Concurrent depth-first search algorithms based on Tarjan s Algorithm. International Journal on Software Tools for Technology Transfer pp (2015) 14. Pelánek, R.: BEEM: Benchmarks for Explicit Model Checkers, pp Springer Berlin Heidelberg (2007) 15. van de Pol, J., Weber, M.: A Multi-Core Solver for Parity Games. Electronic Notes in Theoretical Computer Science 220(2), (2008) 16. Renault, E., Duret-Lutz, A., Kordon, F., Poitrenaud, D.: Variations on parallel explicit emptiness checks for generalized Büchi automata. International Journal on Software Tools for Technology Transfer pp (2016) 17. Wijs, A.: BFS-Based Model Checking of Linear-Time Properties with an Application on GPUs, pp Springer International Publishing (2016) 18. Wijs, A., Katoen, J.P., Bošnački, D.: GPU-Based Graph Decomposition into Strongly Connected and Maximal End Components. In: Biere, A., Bloem, R. (eds.) Computer Aided Verification, Lecture Notes in Computer Science, vol. 8559, pp Springer International Publishing (2014)
Multi-core SCC-Based LTL Model Checking
Multi-core SCC-Based LTL Model Checking Vincent Bloemen (B) and Jaco van de Pol Formal Methods and Tools, University of Twente, Enschede, The Netherlands {v.bloemen,j.c.vandepol}@utwente.nl Abstract. We
More informationExplicit State Model Checking with Generalized Büchi and Rabin Automata
Explicit State Model Checking with Generalized Büchi and Rabin Automata Vincent Bloemen University of Twente Enschede, The Netherlands v.bloemen@utwente.nl Alexandre Duret-Lutz LRDE, EPITA Kremlin-Bicêtre,
More informationAutomata-Theoretic LTL Model Checking. Emptiness of Büchi Automata
Automata-Theoretic LTL Model Checking Graph Algorithms for Software Model Checking (based on Arie Gurfinkel s csc2108 project) Automata-Theoretic LTL Model Checking p.1 Emptiness of Büchi Automata An automation
More informationSafra's Büchi determinization algorithm
Safra's Büchi determinization algorithm Aditya Oak Seminar on Automata Theory 28 Jan 2016 Introduction Proposed by S. Safra in 1988 For determinization of non-deterministic Büchi automaton Gives equivalent
More informationCOMP 763. Eugene Syriani. Ph.D. Student in the Modelling, Simulation and Design Lab School of Computer Science. McGill University
Eugene Syriani Ph.D. Student in the Modelling, Simulation and Design Lab School of Computer Science McGill University 1 OVERVIEW In the context In Theory: Timed Automata The language: Definitions and Semantics
More informationImproving Parallel State-Space Exploration Using Genetic Algorithms
Improving Parallel State-Space Exploration Using Genetic Algorithms Etienne Renault LRDE, EPITA, Kremlin-Bicêtre, France Abstract. The verification of temporal properties against a given system may require
More informationVariations on Parallel Explicit Emptiness Checks for Generalized Büchi Automata
Noname manuscript No. (will be inserted by the editor) Variations on Parallel Explicit Emptiness Checks for Generalized Büchi Automata E. Renault (1) A. Duret-Lutz (1) F. Kordon (2,3) D. Poitrenaud (3,4)
More informationLecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking Instructor: Tevfik Bultan Buchi Automata Language
More informationPartial-Order Reduction for Multi-Core LTL Model Checking
Partial-Order Reduction for Multi-Core LTL Model Checking Alfons Laarman 1,2 and Anton Wijs 3 1 Vienna University of Technology 2 University of Twente 3 RWTH Aachen University alfons@laarman.com, awijs@cs.rwth-aachen.de
More informationThe Maude LTL Model Checker and Its Implementation
The Maude LTL Model Checker and Its Implementation Steven Eker 1,José Meseguer 2, and Ambarish Sridharanarayanan 2 1 Computer Science Laboratory, SRI International Menlo Park, CA 94025 eker@csl.sri.com
More informationALASKA Antichains for Logic, Automata and Symbolic Kripke structures Analysis
ALASKA Antichains for Logic, Automata and Symbolic Kripke structures Analysis M. De Wulf 1, L. Doyen 2, N. Maquet 1 and J.-F. Raskin 1 1 Université Libre de Bruxelles (ULB), Belgium 2 École Polytechnique
More informationMonitoring Interfaces for Faults
Monitoring Interfaces for Faults Aleksandr Zaks RV 05 - Fifth Workshop on Runtime Verification Joint work with: Amir Pnueli, Lenore Zuck Motivation Motivation Consider two components interacting with each
More informationIMPROVED ALGORITHMS FOR PARITY AND STREETT OBJECTIVES
Logical Methods in Computer Science Vol. 13(3:26)2017, pp. 1 27 www.lmcs-online.org Submitted Apr. 21, 2016 Published Sep. 26, 2017 IMPROVED ALGORITHMS FOR PARITY AND STREETT OBJECTIVES KRISHNENDU CHATTERJEE
More informationLogic Model Checking
Logic Model Checking Lecture Notes 17:18 Caltech 101b.2 January-March 2005 Course Text: The Spin Model Checker: Primer and Reference Manual Addison-Wesley 2003, ISBN 0-321-22862-6, 608 pgs. checking omega
More informationDistributed Memory LTL Model Checking
! " #$ %& D E ')(+*,.-0/132?@ACB 46587:9= F GH Faculty of Informatics Masaryk University Brno Distributed Memory LTL Model Checking Ph.D. Thesis Jiří Barnat September 2004 Abstract Distribution and
More informationLinear-Time Model Checking: Automata Theory in Practice
Linear-Time Model Checking: Automata Theory in Practice (Extended Abstract of an Invited Talk) Moshe Y. Vardi Rice University, Department of Computer Science, Houston, TX 77251-1892, U.S.A. vardi@cs.rice.edu
More informationConcurrent Depth-First Search Algorithms
Concurrent Depth-First Search Algorithms Gavin Lowe Department of Computer Science, University of Oxford Wolfson Building, Parks Road, Oxford, OX1 3QD, United Kingdom gavin.lowe@cs.ox.ac.uk Abstract. We
More informationModel Checking with Automata An Overview
Model Checking with Automata An Overview Vanessa D Carson Control and Dynamical Systems, Caltech Doyle Group Presentation, 05/02/2008 VC 1 Contents Motivation Overview Software Verification Techniques
More informationTrading Memory for Randomness
Trading Memory for Randomness Krishnendu Chatterjee Luca de Alfaro Thomas A. Henzinger EECS, University of California, Berkeley,USA CE, University of California, Santa Cruz,USA Computer and Communication
More informationFaster and Dynamic Algorithms For Maximal End-Component Decomposition And Related Graph Problems In Probabilistic Verification
Faster and Dynamic Algorithms For Maximal End-Component Decomposition And Related Graph Problems In Probabilistic Verification Krishnendu Chatterjee Monika Henzinger Abstract We present faster and dynamic
More informationDistributed LTL Model Checking with Hash Compaction 1
Available online at www.sciencedirect.com Electronic Notes in Theoretical Computer Science 296 (2013) 79 93 www.elsevier.com/locate/entcs Distributed LTL Model Checking with Hash Compaction 1 J. Barnat,
More informationMemory Efficient Algorithms for the Verification of Temporal Properties
Memory Efficient Algorithms for the Verification of Temporal Properties C. Courcoubetis Inst. of Comp. Sci. of Crete M. Vardi IBM Almaden P. Wolper Un. de Liège M. Yannakakis AT&T Bell Labs Abstract This
More informationM. Vardi IBM Almaden P. Wolper. M. Yannakakis AT&T Bell Labs
Appears in: Formal Methods in System Design, vol. 1, 1992, pp. 275--288. Memory-Efficient Algorithms for the Verification of Temporal Properties C. Courcoubetis Inst. of Comp. Sci., FORTH, Crete, Greece
More informationModel Checking VHDL with CV
Model Checking VHDL with CV David Déharbe 1, Subash Shankar 2, and Edmund M. Clarke 2 1 Universidade Federal do Rio Grande do Norte, Natal, Brazil david@dimap.ufrn.br 2 Carnegie Mellon University, Pittsburgh,
More informationOn Refinement of Büchi Automata for Explicit Model Checking
On Refinement of Büchi Automata for Explicit Model Checking František Blahoudek 1, Alexandre Duret-Lutz 2, Vojtěch Rujbr 1, and Jan Strejček 1 1 Faculty of Informatics, Masaryk University, Brno, Czech
More informationA Test Case Generation Algorithm for Real-Time Systems
A Test Case Generation Algorithm for Real-Time Systems Anders Hessel and Paul Pettersson Department of Information Technology Uppsala University, P.O. Box 337 SE-751 05 Uppsala, Sweden {hessel,paupet}@it.uu.se
More informationSérgio Campos, Edmund Clarke
Sérgio Campos, Edmund 1 / 23 Model checking is a technique that relies on building a finite model of a system and checking that a desired property holds in that model. The check is performed by an exhaustive
More informationFault Detection of Reachability Testing with Game Theoretic Approach
Fault Detection of Reachability Testing with Game Theoretic Approach S. Preetha Dr.M. Punithavalli Research Scholar, Karpagam University, Coimbatore. Director, Sri Ramakrishna Engineering College, Coimbatore.
More informationModel checking pushdown systems
Model checking pushdown systems R. Ramanujam Institute of Mathematical Sciences, Chennai jam@imsc.res.in Update Meeting, IIT-Guwahati, 4 July 2006 p. 1 Sources of unboundedness Data manipulation: integers,
More informationOn Nested Depth First Search
DIMACS Series in Discrete Mathematics and Theoretical Computer Science Volume 32, 1997 On Nested Depth First Search Gerard J. Holzmann, Doron Peled, and Mihalis Yannakakis The SPIN. ABSTRACT. We show in
More informationModel-Checking Concurrent Systems. The Model Checker Spin. The Model Checker Spin. Wolfgang Schreiner
Model-Checking Concurrent Systems Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at 1.
More informationIssues on Decentralized Consistency Checking of Multi-lateral Collaborations
Issues on Decentralized Consistency Checking of Multi-lateral Collaborations Andreas Wombacher University of Twente Enschede The Netherlands a.wombacher@utwente.nl Abstract Decentralized consistency checking
More informationMulti-Core Model Checking
B.Comp. Dissertation Multi-Core Model Checking By Nguyen Chi Dat Department of Computer Science School of Computing National University of Singapore 2011/12 B.Comp. Dissertation Multi-Core Model Checking
More informationJoint Entity Resolution
Joint Entity Resolution Steven Euijong Whang, Hector Garcia-Molina Computer Science Department, Stanford University 353 Serra Mall, Stanford, CA 94305, USA {swhang, hector}@cs.stanford.edu No Institute
More informationTIMES A Tool for Modelling and Implementation of Embedded Systems
TIMES A Tool for Modelling and Implementation of Embedded Systems Tobias Amnell, Elena Fersman, Leonid Mokrushin, Paul Pettersson, and Wang Yi Uppsala University, Sweden. {tobiasa,elenaf,leom,paupet,yi}@docs.uu.se.
More informationLecture1: Symbolic Model Checking with BDDs. Edmund M. Clarke, Jr. Computer Science Department Carnegie Mellon University Pittsburgh, PA 15213
Lecture: Symbolic Model Checking with BDDs Edmund M Clarke, Jr Computer Science Department Carnegie Mellon University Pittsburgh, PA 523 Temporal Logic Model Checking Specification Language: A propositional
More informationTutorial on Model Checking Modelling and Verification in Computer Science
Tutorial on Model Checking Modelling and Verification in Computer Science Armin Biere Institute for Formal Models and Verification Johannes Kepler University, Linz, Austria Abstract. This paper serves
More informationModel Checking of C and C++ with DIVINE 4
Model Checking of C and C++ with DIVINE 4 Zuzana Baranová, Jiří Barnat, Katarína Kejstová, Tadeáš Kučera, Henrich Lauko, Jan Mrázek, Petr Ročkai, Vladimír Štill Faculty of Informatics, Masaryk University
More informationPet: An Interactive Software Testing Tool
Pet: An Interactive Software Testing Tool Elsa Gunter, Robert Kurshan, and Doron Peled Bell Laboratories 600 Mountain Ave. Murray Hill, NJ 07974 Abstract. We describe here the Pet (standing for path exploration
More informationModel-Checking Concurrent Systems
Model-Checking Concurrent Systems Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at Wolfgang
More informationBuilding Petri nets tools around Neco compiler
Building Petri nets tools around Neco compiler Lukasz Fronc and Franck Pommereau {fronc,pommereau}@ibisc.univ-evry.fr IBISC, Université d Évry/Paris-Saclay IBGBI, 23 boulevard de France 91037 Évry Cedex,
More informationNondeterministic Query Algorithms
Journal of Universal Computer Science, vol. 17, no. 6 (2011), 859-873 submitted: 30/7/10, accepted: 17/2/11, appeared: 28/3/11 J.UCS Nondeterministic Query Algorithms Alina Vasilieva (Faculty of Computing,
More informationParallelizing Model Checking Algorithms Using Multi-core and Many-core Architectures
Parallelizing Model Checking Algorithms Using Multi-core and Many-core Architectures Zhimin Wu SCHOOL OF COMPUTER SCIENCE AND ENGINEERING 2017 Parallelizing Model Checking Algorithms Using Multi-core and
More informationISCASMC: A Web-Based Probabilistic Model Checker
ISCASMC: A Web-Based Probabilistic Model Checker Ernst Moritz Hahn 1, Yi Li 2, Sven Schewe 3, Andrea Turrini 1, and Lijun Zhang 1 1 State Key Laboratory of Computer Science, Institute of Software, Chinese
More informationA deterministic subexponential algorithm for solving parity games
A deterministic subexponential algorithm for solving parity games Marcin Jurdziński Mike Paterson Uri Zwick Abstract The existence of polynomial time algorithms for the solution of parity games is a major
More informationAutomata Theory for Reasoning about Actions
Automata Theory for Reasoning about Actions Eugenia Ternovskaia Department of Computer Science, University of Toronto Toronto, ON, Canada, M5S 3G4 eugenia@cs.toronto.edu Abstract In this paper, we show
More informationVerifying Temporal Properties via Dynamic Program Execution. Zhenhua Duan Xidian University, China
Verifying Temporal Properties via Dynamic Program Execution Zhenhua Duan Xidian University, China Main Points Background & Motivation MSVL and Compiler PPTL Unified Program Verification Tool Demo Conclusion
More informationformal methods & tools.
UNIVERSITY OF TWENTE. formal methods & tools. SpinS: Extending LTSmin with Promela through SpinJa Alfons Laarman Joint with Freark van der Berg Sept 17, 2012 Imperial College, London, UK Spin Model Checker
More informationEfficient Planning with State Trajectory Constraints
Efficient Planning with State Trajectory Constraints Stefan Edelkamp Baroper Straße 301 University of Dortmund email: stefan.edelkamp@cs.uni-dortmund.de Abstract. This paper introduces a general planning
More informationSPOT: an Extensible Model Checking Library using Transition-based Generalized Büchi Automata
SPOT: an Extensible Model Checking Library using Transition-based Generalized Büchi Automata Alexandre Duret-Lutz and Denis Poitrenaud Laboratoire d Informatique de Paris 6, Université P. & M. Curie, 4
More informationFormal Methods for Software Development
Formal Methods for Software Development Model Checking with Temporal Logic Wolfgang Ahrendt 21st September 2018 FMSD: Model Checking with Temporal Logic /GU 180921 1 / 37 Model Checking Check whether a
More informationT Reactive Systems: Kripke Structures and Automata
Tik-79.186 Reactive Systems 1 T-79.186 Reactive Systems: Kripke Structures and Automata Spring 2005, Lecture 3 January 31, 2005 Tik-79.186 Reactive Systems 2 Properties of systems invariants: the system
More informationF-Soft: Software Verification Platform
F-Soft: Software Verification Platform F. Ivančić, Z. Yang, M.K. Ganai, A. Gupta, I. Shlyakhter, and P. Ashar NEC Laboratories America, 4 Independence Way, Suite 200, Princeton, NJ 08540 fsoft@nec-labs.com
More informationarxiv: v2 [cs.ds] 13 Apr 2018
Symbolic Algorithms for Graphs and Markov Decision Processes with Fairness Objectives Krishnendu Chatterjee 1, Monika Henzinger 2, Veronika Loitzenbauer 3, Simin Oraee 4, and Viktor Toman 1 1 IST Austria,
More informationLeveraging DTrace for runtime verification
Leveraging DTrace for runtime verification Carl Martin Rosenberg June 7th, 2016 Department of Informatics, University of Oslo Context: Runtime verification Desired properties System Every request gets
More informationModel Checking Parallel Programs with Inputs
Model Checking Parallel Programs with Inputs Jiří Barnat, Petr Bauch and Vojtěch Havel 12 February 2014 Barnat et. al. (ParaDiSe) Control Explicit Data Symbolic 1 / 23 Motivation: Parallel Software Verification
More informationCAV th July 2013 Saint Petersburg, Russia. PSyHCoS. Parameter Synthesis for Hierarchical Concurrent Real-Time Systems
CAV 2013 18th July 2013 Saint Petersburg, Russia PSyHCoS Parameter Synthesis for Hierarchical Concurrent Real-Time Systems Étienne André, Yang Liu, Jun Sun, Jin Song Dong, Shang-Wei Lin Temasek Laboratories
More informationIntegration of analytic model and simulation model for analysis on system survivability
6 Integration of analytic model and simulation model for analysis on system survivability Jang Se Lee Department of Computer Engineering, Korea Maritime and Ocean University, Busan, Korea Summary The objective
More informationForms of Determinism for Automata
Forms of Determinism for Automata Thomas Colcombet 1 1 Liafa / CNRS / Université Paris Diderot Case 7014, F-75205 Paris Cedex 13, France thomas.colcombet@liafa.jussieu.fr Abstract We survey in this paper
More informationConstructing Control Flow Graph for Java by Decoupling Exception Flow from Normal Flow
Constructing Control Flow Graph for Java by Decoupling Exception Flow from Normal Flow Jang-Wu Jo 1 and Byeong-Mo Chang 2 1 Department of Computer Engineering Pusan University of Foreign Studies Pusan
More informationResponse property checking via distributed state space exploration
Response property checking via distributed state space exploration Brad Bingham and Mark Greenstreet Department of Computer Science, University of British Columbia 201-2366 Main Mall, Vancouver, B.C.,
More informationVerifying C & C++ with ESBMC
Verifying C & C++ with ESBMC Denis A Nicole dan@ecs.soton.ac.uk CyberSecuritySoton.org [w] @CybSecSoton [fb & tw] ESBMC ESBMC, the Efficient SMT-Based Context-Bounded Model Checker was originally developed
More informationParallel Model Checking With Lazy Cycle Detection MCLCD
Parallel Model Checking With Lazy Cycle Detection MCLCD Rodrigo T. Saad, Silvano Dal Zilio and Bernard Berthomieu CNRS, LAAS, 7 avenue du Colonel Roche, F-31400 Toulouse France Univ de Toulouse, LAAS,
More informationNetwork Protocol Design and Evaluation
Network Protocol Design and Evaluation 05 - Validation, Part III Stefan Rührup Summer 2009 Overview In the first parts of this chapter: Validation models in Promela Defining and checking correctness claims
More informationModel-checking with the TimeLine formalism
Model-checking with the TimeLine formalism Andrea Zaccara University of Antwerp Andrea.Zaccara@student.uantwerpen.be Abstract A logical model checker can be an effective tool for verification of software
More informationDynamic Clock Elimination in Parametric Timed Automata
FSFMA 2013 16th July 2013 Singapore Dynamic Clock Elimination in Parametric Timed Automata Étienne André Laboratoire d'informatique de Paris Nord Université Paris 13, Sorbonne Paris Cité Étienne André
More informationUnder-Approximation Refinement for Timed Automata
Under-Approximation Refinement for Timed Automata Bachelor s thesis Natural Science Faculty of the University of Basel Department of Mathematics and Computer Science Artificial Intelligence http://ai.cs.unibas.ch/
More informationScenario Graphs Applied to Security (Summary Paper)
Book Title Book Editors IOS Press, 2003 1 Scenario Graphs Applied to Security (Summary Paper) Jeannette M. Wing Computer Science Department Carnegie Mellon University Pittsburgh, PA 15213 US Abstract.
More informationEfficient Synthesis of Production Schedules by Optimization of Timed Automata
Efficient Synthesis of Production Schedules by Optimization of Timed Automata Inga Krause Institute of Automatic Control Engineering Technische Universität München inga.krause@mytum.de Joint Advanced Student
More informationThe Hanoi Omega-Automata Format
The Hanoi Omega-Automata Format Tomáš Babiak 1, František Blahoudek 1, Alexandre Duret-Lutz 2, Joachim Klein 3, Jan Křetínský 5, David Müller 3, David Parker 4, and Jan Strejček 1 1 Faculty of Informatics,
More informationUtilizing Static Analysis for Programmable Logic Controllers
Sébastien Bornot Ralf Huuck Ben Lukoschus Lehrstuhl für Softwaretechnologie Universität Kiel Preußerstraße 1 9, D-24105 Kiel, Germany seb rhu bls @informatik.uni-kiel.de Yassine Lakhnech Verimag Centre
More informationXuandong Li. BACH: Path-oriented Reachability Checker of Linear Hybrid Automata
BACH: Path-oriented Reachability Checker of Linear Hybrid Automata Xuandong Li Department of Computer Science and Technology, Nanjing University, P.R.China Outline Preliminary Knowledge Path-oriented Reachability
More informationDirected Model Checking for PROMELA with Relaxation-Based Distance Functions
Directed Model Checking for PROMELA with Relaxation-Based Distance Functions Ahmad Siyar Andisha and Martin Wehrle 2 and Bernd Westphal Albert-Ludwigs-Universität Freiburg, Germany {andishaa,westphal}@informatik.uni-freiburg.de
More informationSpecification and Analysis of Real-Time Systems Using Real-Time Maude
Specification and Analysis of Real-Time Systems Using Real-Time Maude Peter Csaba Ölveczky1,2 and José Meseguer 1 1 Department of Computer Science, University of Illinois at Urbana-Champaign 2 Department
More informationProceedings of the 12th International Workshop on Automated Verification of Critical Systems (AVoCS 2012)
Electronic Communications of the EASST Volume 53 (2012) Proceedings of the 12th International Workshop on Automated Verification of Critical Systems (AVoCS 2012) Multi-core and/or Symbolic Model Checking
More informationThe SPIN Model Checker
The SPIN Model Checker Metodi di Verifica del Software Andrea Corradini Lezione 1 2013 Slides liberamente adattate da Logic Model Checking, per gentile concessione di Gerard J. Holzmann http://spinroot.com/spin/doc/course/
More informationLiveness and Fairness Properties in Multi-Agent Systems
Liveness and Fairness Properties in Multi-Agent Systems Hans-Dieter Burkhard FB Informatik Humboldt-University Berlin PF 1297, 1086 Berlin, Germany e-mail: hdb@informatik.hu-berlin.de Abstract Problems
More informationDISCRETE-event dynamic systems (DEDS) are dynamic
IEEE TRANSACTIONS ON CONTROL SYSTEMS TECHNOLOGY, VOL. 7, NO. 2, MARCH 1999 175 The Supervised Control of Discrete-Event Dynamic Systems François Charbonnier, Hassane Alla, and René David Abstract The supervisory
More informationJournal of Computer and System Sciences
Journal of Computer and System Sciences 78 (2012) 970 980 Contents lists available at ScienceDirect Journal of Computer and System Sciences www.elsevier.com/locate/jcss Synthesis from scenario-based specifications
More informationDistributed Systems Programming (F21DS1) Formal Verification
Distributed Systems Programming (F21DS1) Formal Verification Andrew Ireland Department of Computer Science School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh Overview Focus on
More informationCS2 Language Processing note 3
CS2 Language Processing note 3 CS2Ah 5..4 CS2 Language Processing note 3 Nondeterministic finite automata In this lecture we look at nondeterministic finite automata and prove the Conversion Theorem, which
More informationPromela and SPIN. Mads Dam Dept. Microelectronics and Information Technology Royal Institute of Technology, KTH. Promela and SPIN
Promela and SPIN Mads Dam Dept. Microelectronics and Information Technology Royal Institute of Technology, KTH Promela and SPIN Promela (Protocol Meta Language): Language for modelling discrete, event-driven
More informationCLAN: A Tool for Contract Analysis and Conflict Discovery
CLAN: A Tool for Contract Analysis and Conflict Discovery Stephen Fenech 1, Gordon J. Pace 1, and Gerardo Schneider 2 1 Dept. of Computer Science, University of Malta, Malta 2 Dept. of Informatics, University
More informationNew Results on Simple Stochastic Games
New Results on Simple Stochastic Games Decheng Dai 1 and Rong Ge 2 1 Tsinghua University, ddc02@mails.tsinghua.edu.cn 2 Princeton University, rongge@cs.princeton.edu Abstract. We study the problem of solving
More informationSymbolic Automata Library for Fast Prototyping
http://excel.fit.vutbr.cz Symbolic Automata Library for Fast Prototyping Michaela Bieliková not_in{@} in{e,x,c} in{e,l} F I T Abstract Finite state automata are widely used in the fields of computer science
More informationcontaining such cycles will not satisfy the eventuality property, thus, we will be unable to derive its correctness for the concrete model. A common w
A Heuristic for the Automatic Generation of Ranking Functions Λ Dennis Dams z Rob Gerth x Orna Grumberg Abstract The duality between invariance and progress is fundamental in proof techniques for the verification
More informationAction Language Verifier, Extended
Action Language Verifier, Extended Tuba Yavuz-Kahveci 1, Constantinos Bartzis 2, and Tevfik Bultan 3 1 University of Florida 2 Carnegie Mellon University 3 UC, Santa Barbara 1 Introduction Action Language
More information4/6/2011. Model Checking. Encoding test specifications. Model Checking. Encoding test specifications. Model Checking CS 4271
Mel Checking LTL Property System Mel Mel Checking CS 4271 Mel Checking OR Abhik Roychoudhury http://www.comp.nus.edu.sg/~abhik Yes No, with Counter-example trace 2 Recap: Mel Checking for mel-based testing
More informationA Framework for Verified Depth-First Algorithms
René Neumann Technische Universität München Garching, Germany rene.neumann@in.tum.de Abstract We present a framework in Isabelle/HOL for formalizing variants of depth-first search. This framework allows
More informationParametric Schedulability Analysis of Fixed Priority Real-Time Distributed Systems
FTSCS 2013 30th October 2013 Queenstown, New Zealand Parametric Schedulability Analysis of Fixed Priority Real-Time Distributed Systems Youcheng Sun 1, Romain Soulat 2, Giuseppe Lipari 1,2, Étienne André
More informationAutomatic synthesis of switching controllers for linear hybrid systems: Reachability control
Automatic synthesis of switching controllers for linear hybrid systems: Reachability control Massimo Benerecetti and Marco Faella Università di Napoli Federico II, Italy Abstract. We consider the problem
More informationInequality Constraints On Synchronisation Counters
U N I V E R S I T A S S A R A V I E N I S S Saarland University Faculty of Natural Sciences and Technology I Department of Computer Science Bachelor s Thesis Inequality Constraints On Synchronisation Counters
More informationA Concurrent Bidirectional Linear Probing Algorithm
A Concurrent Bidirectional Linear Probing Algorithm Towards a Concurrent Compact Hash Table Steven van der Vegt University of Twente The Netherlands s.vandervegt@student.utwente.nl ABSTRACT Hash tables
More informationCRI: Symbolic Debugger for MCAPI Applications
CRI: Symbolic Debugger for MCAPI Applications Mohamed Elwakil 1, Zijiang Yang 1, and Liqiang Wang 2 1 Department of Computer Science, Western Michigan University, Kalamazoo, MI 49008 2 Department of Computer
More informationMulti-Core Reachability for Timed Automata
Multi-Core Reachability for Timed Automata Andreas Dalsgaard 2, Alfons Laarman 1, Kim G. Larsen 2, Mads Chr. Olesen 2, and Jaco van de Pol 1 1 Formal Methods and Tools, University of Twente {a.w.laarman,vdpol}@cs.utwente.nl
More informationBoolean Functions (Formulas) and Propositional Logic
EECS 219C: Computer-Aided Verification Boolean Satisfiability Solving Part I: Basics Sanjit A. Seshia EECS, UC Berkeley Boolean Functions (Formulas) and Propositional Logic Variables: x 1, x 2, x 3,, x
More informationBinary Decision Diagrams and Symbolic Model Checking
Binary Decision Diagrams and Symbolic Model Checking Randy Bryant Ed Clarke Ken McMillan Allen Emerson CMU CMU Cadence U Texas http://www.cs.cmu.edu/~bryant Binary Decision Diagrams Restricted Form of
More informationRepairing Multi-Player Games
Repairing Multi-Player Games Shaull Almagor, Guy Avni, and Orna Kupferman School of Computer Science and Engineering, The Hebrew University, Israel Abstract Synthesis is the automated construction of systems
More informationA counter-example to the minimal coverability tree algorithm
A counter-example to the minimal coverability tree algorithm A. Finkel, G. Geeraerts, J.-F. Raskin and L. Van Begin Abstract In [1], an algorithm to compute a minimal coverability tree for Petri nets has
More informationPetri Nets ee249 Fall 2000
Petri Nets ee249 Fall 2000 Marco Sgroi Most slides borrowed from Luciano Lavagno s lecture ee249 (1998) 1 Models Of Computation for reactive systems Main MOCs: Communicating Finite State Machines Dataflow
More information